Alert handling is an important function of network management wherein, inter alia, the condition of a resource is monitored and an action is taken based upon the nature of (or changes in) the condition. An example of a resource is a network computer. A network computer comprises a processor, memory and a port adapted to be connected to a network, the port and memory being coupled to the processor. Another type of resource is a device resource. A device resource is an apparatus that is typically adapted to be connected to a network computer. An example of a device resource is a hard disk drive. Another example of a device resource is a microprocessor-controlled thermocouple that is used to control an industrial process.
An alert handling system should be capable of carrying out the following functions: specifying an alert condition (i.e., the condition that triggers an alert action); monitoring the alert condition; sending an alert message when the alert condition is met; and performing an appropriate alert action in response to the alert message.
In certain instances, alert information can be sensitive. For example, revealing under what conditions an alert action is triggered creates a target for an adverse party seeking to manipulate resources that can be affected by the alert handling system. Suppose an alert condition specifies that when the network traffic destined for a given subnetwork exceeds a certain threshold, the subnetwork is to be shut down. Revealing this condition could enable an adverse party to shut the subnetwork down at will by flooding the subnetwork with spurious message traffic above the threshold. Also, an adverse party could identify an unintended property of an alert condition or alert action and disadvantageously manipulate resources affected by the alert handling system.
Likewise, an adverse party could masquerade as an alert originator, sending a false alert occurrence message that causes an alert action to be performed spuriously. An unauthorized party could alter the conditions under which an alert action is triggered, possibly disrupting network operations or impairing alert handling. An unauthorized party could also disadvantageously alter the alert action that is triggered when an alert condition is met.
An alert system should provide assurance that the purported source of an alert message is the true source, i.e., that the message is authentic, to prevent an unauthorized party from masquerading as a party authorized to use or manipulate the alert handling system. An alert system should also provide assurance that the contents of any alert message have not been subjected to unauthorized modification. Further, an alert system should protect the confidentiality of sensitive information in alert messages to prevent its unauthorized disclosure.
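The authenticity and integrity requirements above can be illustrated with a keyed message authentication code on each alert message. The following Python sketch is an added example, not part of the original text; the originator name, key, field names and the choice of HMAC-SHA256 are assumptions, and confidentiality (encryption of the message contents) is not shown.

```python
import hashlib
import hmac
import json

# Constructed demo key table: one shared secret per authorized alert originator.
ORIGINATOR_KEYS = {"monitor-a": b"constructed-demo-key-0123456789abcdef"}


def _canonical(body: dict) -> bytes:
    # Stable encoding so both sides compute the MAC over identical bytes.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def make_alert(originator: str, key: bytes, condition: str, value: float) -> dict:
    """Originator side: build an alert message and attach an HMAC-SHA256 tag."""
    body = {"originator": originator, "condition": condition, "value": value}
    tag = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def accept_alert(message: dict, keys: dict = ORIGINATOR_KEYS) -> bool:
    """Handler side: True only if the alert action may be performed."""
    body, tag = message.get("body"), message.get("tag")
    if not isinstance(body, dict) or not isinstance(tag, str):
        return False
    originator = body.get("originator")
    key = keys.get(originator) if isinstance(originator, str) else None
    if key is None:  # purported source is not an authorized originator
        return False
    expected = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    # Constant-time comparison; any change to body or tag fails here.
    return hmac.compare_digest(expected.encode(), tag.encode(errors="replace"))


def demo() -> dict:
    key = ORIGINATOR_KEYS["monitor-a"]
    genuine = make_alert("monitor-a", key, "subnet-traffic-high", 950.0)
    # Masquerade: sender claims to be monitor-a but does not hold its key.
    forged = make_alert("monitor-a", b"not-the-real-key", "subnet-traffic-high", 950.0)
    # Unauthorized modification: contents changed, original tag reused.
    altered = {"body": dict(genuine["body"], value=5.0), "tag": genuine["tag"]}
    return {name: accept_alert(m) for name, m in
            [("genuine", genuine), ("forged", forged), ("altered", altered)]}


if __name__ == "__main__":
    print(demo())
```

A captured genuine message would still verify if it were sent again, because this sketch carries no freshness field such as a sequence number or timestamp.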